LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 08-02-2004, 09:24 AM   #16
jamrock
Member
 
Registered: Jan 2003
Location: Kingston, Jamaica
Posts: 444

Rep: Reputation: 41

Quote:
Does it mean that the database is transparent? Not stored in any file?
The database is stored in a few files. You specify the location of the files in the slapd.conf file.


Quote:
directory /var/lib/ldap
It is a good idea to back up this directory on a regular basis if you are using LDAP in a production environment.

Note that when you compile openLDAP you specify the type of database to use. Some people use the Berkeley Database while other use ldbm.

The slapd.conf contains a record of the database used.


Quote:
database ldbm
If you use an rpm, you may have to use the database that was chosen by the person compiling the rpm.
 
Old 08-02-2004, 09:37 AM   #17
jamrock
Member
 
Registered: Jan 2003
Location: Kingston, Jamaica
Posts: 444

Rep: Reputation: 41
Quote:
Actually what I'm trying to pick up now is Samba with OpenLDAP as told by my supervisor .
Here is the deal... Samba with LDAP has a fairly steep learning curve. You have to be comfortable with a number of different technologies in order to do it well.

These include:

Berkeley Database
OpenSSL
OpenLDAP
BIND (DNS)
DHCP (If you don't want to used fixed I.P. addresses)
Samba 3.x
Windows 200x/NT

I would recommend that you learn each of these things, then bring them all together for Samba 3.x.

A good way to learn OpenLDAP is to create a centralized address book on your network. You can create a list of your co-workers, their telephone numbers, departments, etc. on a Linux box. Everyone can then access this information via Outlook.
 
Old 08-03-2004, 03:11 AM   #18
subaruwrx
Member
 
Registered: Mar 2004
Distribution: Ubuntu Feisty
Posts: 641

Original Poster
Rep: Reputation: 30
Quote:
Originally posted by jamrock

Note that when you compile openLDAP you specify the type of database to use. Some people use the Berkeley Database while other use ldbm.
I not sure what database it use cause its pre-installed with FC2. How do I check?
 
Old 08-03-2004, 03:16 AM   #19
subaruwrx
Member
 
Registered: Mar 2004
Distribution: Ubuntu Feisty
Posts: 641

Original Poster
Rep: Reputation: 30
Quote:
Originally posted by jamrock
Here is the deal... Samba with LDAP has a fairly steep learning curve. You have to be comfortable with a number of different technologies in order to do it well.

These include:

Berkeley Database
OpenSSL
OpenLDAP
BIND (DNS)
DHCP (If you don't want to used fixed I.P. addresses)
Samba 3.x
Windows 200x/NT

I would recommend that you learn each of these things, then bring them all together for Samba 3.x.

A good way to learn OpenLDAP is to create a centralized address book on your network. You can create a list of your co-workers, their telephone numbers, departments, etc. on a Linux box. Everyone can then access this information via Outlook.
What I'm still confused is the difference between OpenLDAP and LDAP. Seriously, where should I start? Now, I'm googling some guide on inserting and searching data in ldap database.
 
Old 08-05-2004, 09:25 PM   #20
subaruwrx
Member
 
Registered: Mar 2004
Distribution: Ubuntu Feisty
Posts: 641

Original Poster
Rep: Reputation: 30
Quote:
Originally posted by subaruwrx
What I'm still confused is the difference between OpenLDAP and LDAP. Seriously, where should I start? Now, I'm googling some guide on inserting and searching data in ldap database.
bump
 
Old 08-06-2004, 07:40 AM   #21
Hko
Senior Member
 
Registered: Aug 2002
Location: Groningen, The Netherlands
Distribution: Debian
Posts: 2,536

Rep: Reputation: 110Reputation: 110
These days, I'm as well digging into OpenLDAP. It was first quite confusing reading about it, but some things start to getting more clear to me now.

To answer your question, LDAP is a protocol, just like FTP, or HTTP. There are more than just one implementations of the protocol (say, "actual programs"). To make this clear, compare with HTTP protocol. HTTP is a protocol understood by several servers and clients (MS-Intenet Explorer, Mozilla, lynx,.. but also apache, MS-IIS on the server side). Each having their features and some even have "extensions" to the protocol (ehm...) or don not support all of the HTTP protocol.

To continue this comparison HTTP --> LDAP, a webserver usually stores the content it serves in html-files. But for the protocol this doesn't matter at all: You could build your own web-server which does not use files (.html) to serve (html) content, but stores it in some database (or a sponge for that matter, if you manage to store html in a sponge). (note this idea is not too far fetched when you think about PHP getting html code from MySQL).

The same goes for LDAP: it's a protocol, and there are quite different programs (servers, clients) that use this protocol. How an LDAP server stores the information it serves, does not matter at all, as long as the data is served in compliance to the LDAP protocol, all LDAP-clients (e-mail-programs to look up addresses from person, or other LDAP aware programs) will be able to request and get information from the any LDAP-server. Some servers that "do" LDAP also use the information stored in them do other things with it, like Novell's NDS (now called eDirectory, or Microsoft's Active Directory)

OpenLDAP is a well-known (open source) suite of programs (server and command line client programs) that uses the LDAP protocol, and thus any mail-program that supports the LDAP-protocol for looking up addresses can connect to a OpenLDAP server to get the information.

In short: just like "apache" is a HTTP server, "OpenLDAP" is an LDAP server.
 
Old 08-06-2004, 07:49 AM   #22
Hko
Senior Member
 
Registered: Aug 2002
Location: Groningen, The Netherlands
Distribution: Debian
Posts: 2,536

Rep: Reputation: 110Reputation: 110
As I mentioned in my previous post, I am getting used to (Open)LDAP as well at the moment. Some useful links I'm reading:

"Dave Carrigan", author of the apache ldap module "auth_ldap", wrote a nice summary on the debian-users mailing list about what things (dc, dn, cn, o, ou, o...) mean in LDAP jargon. A nice document to get you started if you already know what LDAP more or less is.
http://lists.debian.org/debian-user/.../msg03675.html

OpenLDAP Administrator guide: http://www.openldap.org/doc/admin21/

Other nice intro's:
http://www.tldp.org/HOWTO/LDAP-HOWTO/index.html
http://www.zytrax.com/books/ldap/
http://www.sbfsbo.com/mike/OpenldapTutorial/
http://www.linuxjournal.com/article.php?sid=5182
http://www.onlamp.com/pub/a/onlamp/2...7/ldap_ab.html
http://yolinux.com/TUTORIALS/LinuxTutorialLDAP.html


More advanced doc's:

OpenLDAP's onw administrator guide:
http://www.openldap.org/doc/admin22/index.html
http://www.bayour.com/LDAPv3-HOWTO.html

The technical stuff about the LDAP protocol:
ftp://ftp.isi.edu/in-notes/rfc2251.txt
 
Old 08-06-2004, 08:00 AM   #23
hob
Senior Member
 
Registered: Mar 2004
Location: Wales, UK
Distribution: Debian, Ubuntu
Posts: 1,075

Rep: Reputation: 45
As jamrock says there are several elements to this, and there is a real learning curve to get over before you'll have a system that you're comfortable with.

There are loads of tutorials on the Web that deal with either Samba as a DC or LDAP, but IMHO most of them are more dangerous than helpful because they simplify and miss stuff out (usually security !), so although you end up with a system that might work you won't be clear enough about what's going on to run it. The official docs I cited really are decent quality, and are the clearest and best stuff available on-line to both teach the concepts and walk you though setting up the pieces.

I get the feeling that you are trying to take each bit as it comes and avoid reading the docs fully, and from personal experience you won't get a system that you're happy with until you are familiar with the concepts behind what you're trying to set up. I spent days beating my head in frustration over Samba+Active Directory before I stopped, read the Samba documentation and was enlightened. I then had it configured, working and documented in a couple of hours.

Also, if you're working within a larger institution the central IT team will probably have people who've worked with LDAP and Samba who can help you out for the price of a coffee, once you've read enough to frame the right questions.
 
Old 08-06-2004, 11:06 AM   #24
subaruwrx
Member
 
Registered: Mar 2004
Distribution: Ubuntu Feisty
Posts: 641

Original Poster
Rep: Reputation: 30
Thumbs up

Great information!

I got a better understanding of LDAP and OpenLDAP now. Will start reading the guides and tutorials.

Thanks man
 
Old 08-06-2004, 09:24 PM   #25
jamrock
Member
 
Registered: Jan 2003
Location: Kingston, Jamaica
Posts: 444

Rep: Reputation: 41
Quote:
I not sure what database it use cause its pre-installed with FC2. How do I check?
Quote:
The slapd.conf contains a record of the database used.

database ldbm

If you use an rpm, you may have to use the database that was chosen by the person compiling the rpm.
 
Old 08-06-2004, 09:31 PM   #26
jamrock
Member
 
Registered: Jan 2003
Location: Kingston, Jamaica
Posts: 444

Rep: Reputation: 41
OpenLDAP is a very powerful tool. You can use it to authenticate Windows clients (Samba), Linux clients (NIS replacement), email (qmail), instant messaging (Jabber) and others.

Take your time and learn it well. It is being used more and more as a means of providing a single source of authentication on mixed networks. Remember that Active Directory (Windows 2000) is LDAP with Microsoft's proprietary extensions.

Try and set up the shared address book. After working with it for a while you should be able to use OpenLDAP for authentication.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LDAP: Can't contact master ldap server rulirahm Linux - Networking 2 07-14-2014 02:02 AM
LDAP server not starting as user LDAP klnasveschuk Fedora 1 02-15-2007 04:49 AM
AD, OpenLDAP bentman78 Linux - Networking 1 03-15-2005 12:34 PM
openldap quarry_06 Linux - Networking 7 11-21-2004 01:11 PM
ldap-abook unable to get street name in ldap-entry Jingle Linux - Software 1 06-06-2004 07:13 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 11:23 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration